Do not parse a 404 as X509 certificate. Honor the response code.
What does this MR do?
Upgrade github.com/stretchr/testify to a version that includes assert.ErrorContains and then use it to write a test for how the urlResolver handles error codes.
Why was this MR needed?
We noticed that the TLS chain builder would attempt to parse a 404 as X509 certificate. Provide a clear error message. In general we would exactly expect a 200er code but given that this might change behavior accept any successful HTTP outcome.
What's the best way to test this MR?
Run a gitlab-runner without a CA chain and have a certificate point to a parent that does not exist.